I'm a privacy pragmatist, writing about the intersection of law, technology, social media and our personal information. If you have story ideas or tips, e-mail me at khill@forbes.com. PGP key here.
These days, I'm a senior online editor at Forbes. I was previously an editor at Above the Law, a legal blog, relying on the legal knowledge gained from two years working for corporate law firm Covington & Burling -- a Cliff's Notes version of law school.
In the past, I've been found slaving away as an intern in midtown Manhattan at The Week Magazine, in Hong Kong at the International Herald Tribune, and in D.C. at the Washington Examiner. I also spent a few years traveling the world managing educational programs for international journalists for the National Press Foundation.
I have few illusions about privacy -- feel free to follow me on Twitter: kashhill, subscribe to me on Facebook, Circle me on Google+, or use Google Maps to figure out where the Forbes San Francisco bureau is, and come a-knockin'.

Why Facebook's New 'Anonymous Login' Matters

Facebook is moving one step closer to becoming your all-access pass to the Internet. CEO Mark Zuckerberg announced today that the company plans to offer “Anonymous Login.” Don’t get confused: That doesn’t mean you can log in to Facebook anonymously. It means you can use your Facebook account to log-in to other sites and apps anonymously. Say here at Forbes. Like so many companies in the digital space, we now require people to create an account to interact with us, so you either have to give us an email address or use a social account to comment. With Facebook’s “anonymous login” offering, you could comment on our site using your Facebook account, but without giving us access to your name, profile photo, birthdate, friends list, astrological sign, blood type, and the ex you’re most embarrassed to have dated.

Unfortunately, you can’t do that at Forbes quite yet. In a release about the new offering, the big blue giant says it is “testing Anonymous Login with a few developers” with plans to “open it up to more developers in the coming months.” More immediately, users logging into a website or app using Facebook will have more control over which information from their profile gets handed over.

Assuming “Anonymous Login” becomes universally available, I assume it will be widely used. The sign up process for new services is laborious. Everyone hates filling out forms for a new account, and confirming a password via email. It’s far easier to “log in using Facebook” (or Twitter or Google) but most people hate the information hand-over that entails, giving some new service access to your Facebook deets or the right to post tweets on your Twitter account.

Erasing that risk will make people even more comfortable using Facebook as their universal sign-in across the Web and app ecosystem. Which is great for Facebook as a utility; even if people aren’t visiting Facebook as often, they’re using it constantly to interact with other services. Though it’s allowing users to sign into third party services anonymously — by provided those services with a unique code that can’t be tied back to the person’s Facebook account — their use of those services won’t be anonymous to Facebook. Facebook the data broker will still know every service their users are signed up for, making them even more valuable to advertisers who want to target particular groups. By giving users the power of anonymity for services outside of Facebook, the company makes itself more valuable as the broker who grants access to those users, about which it knows so much.

In other words, anonymous login is not really anonymous. Facebook still knows who you are, and can tie you to your behavior on those third party sites, say if law enforcement comes calling.

As my colleague Jeff Bercovici notes, “this [is a big step] for Facebook, a company that’s always been about real identity, sharing and user data. The success of privacy-oriented apps like Snapchat, Whisper and Secret evidently is not lost on them.”

Zuckerberg spoke with Wired’s Steven Levy about why Facebook is offering this up, even if it risks infuriating developers around Facebook, who will be starved of user information when Anonymous Login is used.

ZUCKERBERG:: Our philosophy is that we care about people first. In the case of login, some of the things that we’re doing may add a little bit of friction to the experience by giving people the opportunity to not share certain things with apps. That will mean that developers will have to adjust. Over time, making it so that people trust the blue button to log in to Facebook will ultimately be good for developers, too.

According to Facebook, the “blue button” — used to sign into everything from Airbnb to Forbes — was used “over 10 billion times last year, giving [users] a fast and easy way to sign in to apps without having to remember separate usernames and passwords.” It has become the driver’s license that people flash to get into the digital bars around the Web. Though 10 billion seems small in light of Facebook’s billion person user base.

WIRED: It seems you’re also responding to the idea that people in general are uneasy about how much information is on Facebook, and sharing that information with developers might give them pause.

ZUCKERBERG: When we were a smaller company, Facebook login was widely adopted, and the growth rate for it has been quite quick. But in order to get to the next level and become more ubiquitous, it needs to be trusted even more. We’re a bigger company now and people have more questions. We need to give people more control over their information so that everyone feels comfortable using these products.

Levy does point out that this is not about anonymity from Facebook but with Facebook.

WIRED: Also, you’re now allowing people to use Facebook Connect without revealing who they are.

ZUCKERBERG: Yeah. But I don’t think that this is making anonymity on Facebook. What it’s doing is allowing someone to sign in to an app without revealing who they are to the app. But then we also offer this nice upgrade path so that after you’ve signed in anonymously, if you are comfortable telling the app your information, you can easily do that. You can maintain a seamless experience without having to set up a new identity within the app because it’s all continuous.

In other words, “anonymity” is the gateway drug to greater disclosure. Once the connection is made, it’s expected you’ll take the cloak off and share some info.

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.

Comments

Personally, I always recommend app and websites developers think very carefully about using Facebook’s API login (or anyone else’s API) to build their customer base. In practice, Facebook “owns” the customer using the API login, in the sense that Facebook can (and sometimes does) turn off the API for the developer and completely sever the connection between the developer and “its” users. Developers can avoid this fate by immediately building the connection with users using the user data downloaded through the API. A fully “anonymous” login would prevent the developers from doing that. As a result, I wouldn’t be surprised if developers will be reluctant to use the anonymous login, because it is tantamount to giving Facebook 100% control over its userbase. Eric.

Totally agree with Eric. The so-called “Anonymous Log-in” seems to be more of a branding exercise – reinforcing Facebook’s image as the “safe” network. But with Facebook having 100% control, I don’t see what the value is for the 3rd party to implement this.

In my site projects I use FB login to create the account, after which it won’t matter if a rift opens in the earth and swallows FB whole.

In any case I use Google to login to accounts like this for a more basic personal reason: I trust Google. All I see in FB is a company unsure of what it is supposed to be, blowing money like a drunken sailor, and trying desperately to become something else, because what it started as can’t and won’t last.

The entire world bothers with FB for little other reason than to get users away from it. Even these new moves aren’t going to change that.

That value is in ease of use: users don’t want to create yet another account, have to pick a password, validate their email address, etc. Developers don’t want to have to deal with customer support or staff for anti-spam measures. Using a third-party login is a good solution for both except that many, many people are reluctant to do so because they aren’t sure how a company will use their personal information and there are plenty of examples in recent memory of companies which used Facebook logins to spam your friends.

Leaving this comment is the perfect example: I hit reply but wasn’t logged in. My password vault didn’t have a saved forbes.com login so I chose to create a new account. After entering all of my information, I was told that my email address was already on file. Click reset, head over to my email and wait for the link to arrive, generate a new password, save everything. Reload this page and finally enter that comment.

Sure, I could have saved a couple steps by logging in using Facebook but, like many people, I prefer not to give tons of companies all over the web that much information simply so I can leave a comment. If there was an anonymous login option, I’d have used it to verify that I’m not a spammer but otherwise not provide my personal information.

Chris Adam : i believe using any API is better than facebook, i been with FB login API for more than 5 year, today they shut my account down without single warning and no single reason too (just shut down my personal account, removing all my app ) …… this their reason : “Facebook’s automated systems recently restricted your personal account from creating new applications. We are writing on behalf of the Facebook Platform team to let you know that any applications that were under your sole control as a developer have been disabled as a precautionary measure, which include ”

yes i lose years of hard work …. btw my business page is back to zero content.

This is a very savvy business move on Facebook’s part. First, It allows a FB user to enjoy the convenience of using one’s FB credentials to log in to a third party site without having to weigh that convenience against the access and potential use of one’s FB information by the third-party. This will be attractive to many users. I rarely log into third party sites (such as Forbes) with FB or Twitter because of what that entails. Second, this move gives the appearance that FB is concerned about the privacy of user’s information, yet the information FB collects on users will not be curtailed. I agree with Professor Goldman’s point that web sites and app developers might not like this feature, but I predict it will become very popular and sites and app developers will be hard pressed not to accept it, notwithstanding the dangers Eric identifies, for fear of alienating their customers.

I have no problem with the good folks @Forbes knowing all of my data posted @ThefacebookWall — & I’ll tell you something that Zuckerberg DOESN’T know about me – my blood type is “O Positive” – though the octogenarian progenitoress – certain to make Willard Scott’s “Smuckers List” – would correct me – “You may be ‘type O,’ but it is ‘O Negative.’ ” Mr. Zuckerberg had been born in White Plains NY – NOBODY used the Dobbs Ferry NY Hospital back in the 50′s — baby sis born in 1953 emerged in St. Josephs – Yonkers NY – as “ A Positive” – & the Docs “did an oil change” – pumped her full of “A Negative.” My own first-born, now a Theoretical Mathematician/Physicist thru PHD level had been born at St. Johns Riverside – Yonkers NY – a few months after Mr. Zuckerberg – & lived his first few months in Dobbs Ferry NY (the ex-wife, who had said that “nothing would change” after marriage, had made me move in with her – byebye Keene Valley NY!)

If the math/physics infant’s stroller had bumped into the “big blue” (very funny, IBM?) kid’s stroller in the Dobbs Ferry NY Grand Union in late 1984? “big blue” had his pacifier stolen. & He ends up surpassing the Forbes clan with his (access to) $Billions in record time.

We are in awe of what these Harvard drop-outs – Gates & Ballmer included – have accomplished in “bringing the world together.”

I had never received a response from Pepsico re: $250k grant request – offered for ideas that would “Make the World a Better Place.” $249,999 to develop an algorithm & licensing with “World Population Clock” + “XE Com Live Currency Converter” to enable global real-time access – the cost of “Buying the World A Coke.” (+ $1 postage = $250k)

Does Pepsico do biz with Forbes? Can you check into this? & maybe why “Vlad the Inhaler” & his house-guest Edward Snowden allowed the following – our 1997 “plant” to be reactivated & persist? TIA

http://mtal.chat.RU

Will it survive when Vlad reverts the TLD to “SU?” Or if the soon to be released from US Dept. of Commerce oversight ICAAN approves a new TLD for Vlad – “KGB?”

Not everybody uses the same social networks. The average user is notoriously fickle about this.

If in doubt, go back to basics – Name, website, email. It’s much better that you have a DIRECT relationship to your audience that doesn’t rely on any 3rd party.

I’ve seen the most saavy internet marketers go back to using a time-tested tool, the email listserv. With Z$uckerberg changing his mind about privacy every 6 months, I’d recommend this as the safest, most durable strategy.